You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by ju...@apache.org on 2013/11/26 21:29:30 UTC
svn commit: r1545820 -
/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/evaluation/ShadowInvisibleContentTest.java
Author: jukka
Date: Tue Nov 26 20:29:30 2013
New Revision: 1545820
URL: http://svn.apache.org/r1545820
Log:
OAK-928: Read access is enforced on NEW items
When a perfect copy of the shadowed content is added, the commit() becomes
a no-op and no write access checks get perfomed.
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/evaluation/ShadowInvisibleContentTest.java
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/evaluation/ShadowInvisibleContentTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/evaluation/ShadowInvisibleContentTest.java?rev=1545820&r1=1545819&r2=1545820&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/evaluation/ShadowInvisibleContentTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/evaluation/ShadowInvisibleContentTest.java Tue Nov 26 20:29:30 2013
@@ -68,11 +68,11 @@ public class ShadowInvisibleContentTest
Root testRoot = getTestRoot();
Tree a = testRoot.getTree("/a");
- // /a/x not visible to this session
+ // /a/aProp not visible to this session
assertNull(a.getProperty("aProp"));
assertFalse(a.hasProperty("aProp"));
- // shadow /a/x with transient property of the same name
+ // shadow /a/aProp with transient property of the same name
a.setProperty("aProp", "aValue1");
assertNotNull(a.getProperty("aProp"));
assertTrue(a.hasProperty("aProp"));
@@ -84,27 +84,27 @@ public class ShadowInvisibleContentTest
}
@Test
- @Ignore // FIXME how do we handle the case where the shadowing item is the same as the shadowing item?
public void testShadowInvisibleProperty2() throws Exception {
setupPermission("/a", testPrincipal, true, PrivilegeConstants.JCR_ALL);
setupPermission("/a", testPrincipal, false, PrivilegeConstants.REP_READ_PROPERTIES);
+ setupPermission("/a", testPrincipal, false, PrivilegeConstants.REP_ALTER_PROPERTIES);
Root testRoot = getTestRoot();
Tree a = testRoot.getTree("/a");
- // /a/x not visible to this session
- assertNull(a.getProperty("x"));
+ // /a/aProp not visible to this session
+ assertNull(a.getProperty("aProp"));
+ assertFalse(a.hasProperty("aProp"));
- // shadow /a/x with transient property of the same name
- a.setProperty("x", "xValue");
- assertNotNull(a.getProperty("x"));
+ // shadow /a/aProp with transient property of the same name *and value*
+ a.setProperty("aProp", "aValue");
+ assertNotNull(a.getProperty("aProp"));
+ assertTrue(a.hasProperty("aProp"));
- try {
- testRoot.commit();
- fail();
- } catch (CommitFailedException e) {
- assertTrue(e.isAccessViolation());
- }
+ // after commit() normal access control again takes over
+ testRoot.commit(); // does not fail since no changes are detected, even when write access is denied
+ assertNull(a.getProperty("aProp"));
+ assertFalse(a.hasProperty("aProp"));
}
@Ignore("OAK-869") // FIXME: OAK-869